Senator Rounds, chairman of the Senate Armed Services Subcommittee on Cybersecurity, told witnesses Tuesday that ‘‘Your testimony on securing and defending the DODIN comes at a critical juncture for our nation's cybersecurity posture,’’ underlining the subcommittee’s focus on protecting the Department of Defense Information Network (DODIN).

The hearing concentrated on rapid deployment of zero‑trust capabilities — primarily DISA’s Thunderdome — metrics for measuring DODIN readiness, the effects of recent civilian workforce changes, and the expanding role of artificial intelligence in network defense. The committee signaled it will continue the discussion in a closed session and requested questions for the record from members who do not attend the classified portion.

Lieutenant General Stanton, director of the Defense Information Systems Agency (DISA) and commander of Joint Force Headquarters, Department of Defense Information Network (JFHQ DODIN), described Thunderdome as DISA’s implementation of zero‑trust and said it has already been assessed by a third party as meeting “all 132 of the 132 Department of Defense standards and activities for zero trust.” He said Thunderdome checks user identity and device security before granting access, and continuously reevaluates access on subsequent requests.

Stanton said DISA and JFHQ DODIN are integrating Thunderdome into DODNET (a modernized DoD network infrastructure) and into the Multi Partner Environment (MPE) to accelerate deployment. He told the subcommittee that the programs discussed, including Thunderdome and zero‑trust security measures, are expected to reach readiness by 2027.

Members pressed for interim protections while the zero‑trust rollouts continue. Stanton acknowledged the risk that no system is 100% secure but emphasized continuous evaluation, logging and the ability to revoke identity certificates in real time if anomalous activity is detected.

Committee members also asked about how operational readiness will be reported. Senator Rounds referenced the September 2024 DODIN Command Operational Framework and asked how the department’s readiness tool, the Defense Readiness Reporting System (DIRS), will capture cybersecurity metrics. Stanton said baseline metrics for cybersecurity service providers (CSSPs) are being recorded in DIRS and that teams assess CSSP effectiveness across 45 DODIN areas of operation; he added DISA is working to develop additional metrics for a more comprehensive readiness picture.

Workforce issues were central to the discussion. Stanton said the combined DISA/JFHQ population is roughly 20,000 personnel, with slightly more than half contracted, about 6,800 civilians and about 1,200 active‑duty service members. He told the subcommittee the agency expects “about a 10 [percent] loss” in personnel tied to recent workforce actions and described efforts to “ruthlessly realign” roles, pursue ‘‘surgical rehiring’’ and request targeted authorities from the department to fill critical technical positions.

On recruiting and retention, Stanton highlighted DISA’s scholarship‑for‑service program and workforce strategy published in February; he said DISA brought 39 individuals into that scholarship program in the past year and can scale recruitment substantially. He characterized the mission itself, and operational experience against adversaries, as a key retention factor that complements pay and benefits.

Members also asked about the role of artificial intelligence. Stanton said AI and large language models are used across classification levels to increase workforce efficiency, model transport networks (for example, rerouting traffic if an undersea cable is disrupted), and correlate large log datasets for campaign‑level threat detection. He said quantum effects are further out but that DISA is preparing to adapt when those technologies materialize.

Senator Wilson raised concerns about the initial enrollment and validation of users and devices in a zero‑trust registry as a potential vulnerability; Stanton responded that Enterprise Identity Credentialing and Access Management (EICAM) provides multi‑factor validation, time‑bound certificates and immediate revocation capabilities when anomalies are detected.

The hearing also touched on contract reviews and recent department guidance. Stanton said contract and insourcing reviews are part of ensuring the right industry partners perform technical roles and that the department has asked for a targeted approach rather than blanket action. The open session concluded with the chair announcing the committee would move to a closed briefing; members not attending were told questions for the record are due within two business days.

Less critical details raised during the session included discussion of spectrum priorities for defense radars and a reminder from members that certain topics will be examined in classified settings. The open portion ended after roughly 43 minutes and with the subcommittee signaling continued oversight as zero‑trust programs, readiness measurement and workforce restructuring proceed.